Create an AWS IAM User With Terraform

Managing AWS IAM user accounts is an important task for any organisation that runs workloads in AWS, and today we will create an IAM user account using Terraform.

Creating IAM users with Terraform in AWS is critical because it allows us to keep all permissions and access rights in code and under source control.

Configuration

In the configuration below, I create an IAM user (s3readuser) with permissions for the AWS S3 service only (see the policy section). In the policy section, I pasted the permissions in JSON format. The configuration also creates an access key.

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "3.52.0"
    }
  }
}

provider "aws" {
  region = "us-west-2"
}

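# The IAM user itself.
resource "aws_iam_user" "iamuser" {
  name = "s3readuser"
}

# Access key for programmatic access as this user.
resource "aws_iam_access_key" "iamuserkey" {
  user = aws_iam_user.iamuser.name
}

# Inline policy attached directly to the user.
resource "aws_iam_user_policy" "iam" {
  name = "test"
  user = aws_iam_user.iamuser.name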

  policy = <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "*"
        }
    ]
}
EOF
}
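
The policy above allows every S3 action on every resource. As an added example (not part of the original post), the variant below keeps the same user and access key but grants read-only access to a single bucket. The bucket ARN, the policy document name s3_read and the policy name s3-read-only are assumptions; the version pin from the terraform block above still applies.

```hcl
# Added example (not from the original post): the same user, limited to
# read-only access on a single bucket.
provider "aws" {
  region = "us-west-2"
}

# Assumption: placeholder bucket ARN; substitute the bucket the user needs.
locals {
  bucket_arn = "arn:aws:s3:::example-bucket-placeholder"
}

resource "aws_iam_user" "iamuser" {
  name = "s3readuser"
}

# The secret for this key is written to the Terraform state, so the state
# backend needs the same protection as the credential itself.
resource "aws_iam_access_key" "iamuserkey" {
  user = aws_iam_user.iamuser.name
}

data "aws_iam_policy_document" "s3_read" {
  # Listing applies to the bucket ARN itself.
  statement {
    sid       = "ListBucket"
    actions   = ["s3:ListBucket"]
    resources = [local.bucket_arn]
  }
  # Object reads apply to keys under the bucket.
  statement {
    sid       = "ReadObjects"
    actions   = ["s3:GetObject"]
    resources = ["${local.bucket_arn}/*"]
  }
}

resource "aws_iam_user_policy" "iam" {
  name   = "s3-read-only"
  user   = aws_iam_user.iamuser.name
  policy = data.aws_iam_policy_document.s3_read.json
}

# sensitive = true keeps the secret out of plan/apply console output only.
output "secret_access_key" {
  value     = aws_iam_access_key.iamuserkey.secret
  sensitive = true
}
```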
